From: Tim X on
Shakespeare <whatsin(a)> writes:

> Op 27-4-2010 1:15, Tim X schreef:
>> Shakespeare<whatsin(a)> writes:
>>> Op 26-4-2010 14:31, Tim X schreef:
>>>> Shakespeare<whatsin(a)> writes:
>>>>> Op 26-4-2010 11:22, Carlos schreef:
>>>>>> On Apr 26, 9:47 am, Shakespeare<what...(a)> wrote:
>>>>>>> Op 21-4-2010 20:39, kat schreef:
>>>>>>>> Hi,
>>>>>>>> I'm trying to check the status of our OID ( server running
>>>>>>>> OEL 4 from another OEL server by passing a string (cn=mytestdb) and
>>>>>>>> I'm hoping to receive an expected string back but I'm getting
>>>>>>>> connection closed by foreign host. Is there a configuration change
>>>>>>>> that has to be made to open up the access?
>>>>>>>> $> telnet oidserver 389
>>>>>>>> Trying
>>>>>>>> Connected to oidserver.
>>>>>>>> Escape character is '^]'.
>>>>>>>> ldapsearch "cn=mytestdb"
>>>>>>>> Connection to oidserver closed by foreign host.
>>>>>>>> $>
>>>>>>>> I'm able to successfully run ldapsearch "cn=mytestdb" directly on the
>>>>>>>> oidserver.
>>>>>>>> Can someone help?
>>>>>>>> thanks.
>>>>>>> Your OID server is not running telnet on port 389, that is the port for
>>>>>>> LDAP. Telnet should normally be running on the normal telnet port.
>>>>>>> But you don't need telnet at all to perform an ldap search on another
>>>>>>> server. You can use ldapsearch on the second server with the target host
>>>>>>> and target port as parameters, like:
>>>>>>> ldapsearch -h<targethost> -p<targetport> -D cn=orcladmin -w<password>
>>>>>>> -b<basedn> (cn=mytestdb)
>>>>>>> Shakespeare
>>>>>> I respectfully disagree with the term 'normal telnet port' (which I
>>>>>> presume Shakespeare assumes 23).
>>>>>> Telnet establishes connection between any different ports (as per RFC
>>>>>> 854), and only if intended as remote terminal access this protocol is
>>>>>> assigned server port 23.
>>>>>> Cheers.
>>>>>> Carlos.
>>>>> I stand corrected, Carlos is right here, as the server responds with
>>>>> "connected to oidserver". Still, telnet is not needed here, so you could try
>>>>> to perform ldapsearch directly.
>>>> It is possible the OP was a little confused/misled - thinking that you
>>>> could interact with LDAP directly by issuing protocol commands in the
>>>> same way that people sometimes use telnet to connect to port 25 to issue
>>>> SMTP commands or port 80 and issue HTTP commands. I suspect that if you
>>>> know the low level LDAP protocol, you possibly could do this, but I'm not
>>>> familiar enough with the protocol spec to be sure. In any case, you
>>>> would not be using ldapsearch and it would likely be a somewhat painful
>>>> way to query the directory. There probably is a basic key sequence you
>>>> could enter to test and determine if an LDAP server is listening on that
>>>> port - similar to issuing HELO to SMTP or a GET to HTTP.
>>>> Tim
>>> Ldapbind is used for this.
>> I'm familiar with ldapsearch and I know that you perform an ldap bind to
>> connect to an ldap server and that this is the standard way to test for
>> existence/password (i.e. bind as that user with their password), but I'm
>> not familiar with any ldapbind program/utility. There is no such utility
>> on any of my systems or in the ldap-utils package that has ldapsearch.
>> Are you saying that ldapbind is the protocol level command that you
>> could use via telnet in a similar way to HELO for SMTP and GET for HTTP?
>> If not, what would be the standard way of diagnosing network access problems
>> with an LDAP server that would verify the server was contactable from
>> various IPs without having to install ldap utilities on all the systems
>> using those IPs?
>> Tim
> ldapbind is a program, as is ldapsearch. It comes with (a.o.) Oracle Identity
> Management and Oracle Application Server. I looked it up and it seems it is
> indeed Oracle specific (but it can bind to other LDAP servers as well). I'm so
> used to Oracle I sometimes tend to think these tools are generic.... Ldapbind
> can test without having to pass a username and password. It just responds with
> 'bind succeeded' (or something like that, I'm 'blessed' with a Dutch version).
> It's not possible to just copy the .exe program to a machine, it needs a bunch
> of oracle dll's.
> I don't know of any 'low level' command like HELO or GET.
> I tried to telnet my own Oracle LDAP server and indeed, I can open telnet on
> port 389, but I don't get any response. It stops working as soon as I press a
> key.
> It seems openldap and other implementations respond to telnet on 389, but
> oracle does not.
> I found a reference to using Oracle LDAP with telnet though. If you do not get
> any errors, the LDAP server is listening (but it won't respond and it will
> disconnect after a while). If it's not, it will give a connection error
> (could not connect to host). I even tried this on port 636 (the ssl port). It
> just shows a cursor, but I'm not able to get out again.
> Shakespeare

OK, thanks for clarification.

Telnetting to the port at least tells you that you can access the server
and it is listening. I guess if you want to test further, you need to
either install some ldap utils, such as ldapsearch or you need to use
something like perl (but you still need the perl ldap module installed).

tcross (at) rapttech dot com dot au
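
Added example, not part of the original thread: LDAP is a binary BER-encoded protocol (RFC 4511), so there is no typed command like HELO or GET, but a raw socket can send an anonymous LDAPv3 bind and decode the BindResponse to tell "port open" from "LDAP is answering" without any LDAP utilities. The function names are hypothetical, the probe is plaintext only (port 389, not the SSL port 636), and a server that refuses anonymous binds still returns a BindResponse with a non-zero resultCode.

```python
import socket

# Anonymous simple bind, LDAPv3, message ID 1 (RFC 4511):
# SEQUENCE { INTEGER 1, [APPLICATION 0] { INTEGER 3, OCTET STRING "", [0] "" } }
ANON_BIND = bytes.fromhex("300c020101600702010304008000")

def _tlv(buf, pos):
    """Decode one BER tag-length-value at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER element")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                    # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def parse_bind_response(data):
    """Return the resultCode of a BindResponse; raise ValueError if it is not one."""
    tag, msg, _ = _tlv(data, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    tag, _msgid, pos = _tlv(msg, 0)
    if tag != 0x02:
        raise ValueError("missing messageID")
    tag, op, _ = _tlv(msg, pos)
    if tag != 0x61:                      # [APPLICATION 1] = BindResponse
        raise ValueError("not a BindResponse (tag 0x%02x)" % tag)
    tag, code, _ = _tlv(op, 0)
    if tag != 0x0A or not code:          # ENUMERATED resultCode
        raise ValueError("missing resultCode")
    return int.from_bytes(code, "big")

def probe(host, port=389, timeout=5.0):
    """Classify a port as 'unreachable', 'open-no-ldap-reply' or 'ldap resultCode=N'."""
    try:
        s = socket.create_connection((host, port), timeout=timeout)
    except OSError:                      # refused, filtered, or name not resolvable
        return "unreachable"
    with s:
        try:
            s.sendall(ANON_BIND)
            return "ldap resultCode=%d" % parse_bind_response(s.recv(4096))
        except (OSError, ValueError):    # silence, reset, or a non-LDAP answer
            return "open-no-ldap-reply"
```

Calling `probe("oidserver")` from each client IP separates a blocked port from a listener that accepts the connection but never speaks LDAP.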